Ignoring Search Updates Is a Security Risk
April 23, 2015
Searching is an essential function for basic Internet use and a vital one in enterprise systems. While searching the Internet with a public search engine might not seem like a security risk, the comparable action in an enterprise search system can be dangerous. Security Enterprises points out the potential security risks in the article, “SearchBlox Vulnerabilities Underscore Importance Of Updating Enterprise Search Tools.”
Recently the Carnegie Mellon Software Engineering Institute CERT Division published a list of vulnerabilities in SearchBlox’s software. They included ways for an attacker to view private information, upload arbitrary files, perform cross-site scripting (XSS), and mount cross-site request forgery (CSRF). Enterprise security developers can learn from SearchBlox’s vulnerabilities by being aware of these flaw classes and patching them before an attacker finds the information leak.
The problem, however, might come from within an organization rather than from outside:
“Of all the possible threats, the ability for cybercriminals to conduct XSS attacks from within the product’s default search box is likely the most concerning, Threatpost reported. On the other hand, anyone trying to take advantage of such SearchBlox vulnerabilities would need to be an authenticated user, though there is no shortage of stories about insider threats within the enterprise.”
The article suggests that SearchBlox’s vulnerabilities sit in the day-to-day activities that keep an organization running. Using SearchBlox as an example, other organizations with enterprise systems can learn where their own products need patches so the same issues do not arise. The takeaway: because these flaws require an authenticated user to exploit, the attacker may well be an insider, and insiders look for holes in ordinary, everyday routines.
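To make the “XSS from the default search box” point concrete, here is an added example (not code from the original post, from SearchBlox, or from CERT): a minimal results page that reflects the query into the HTML unescaped, beside a hardened version that output-encodes every untrusted value, plus a small check that flags search queries carrying markup in request logs. The function names, the sample hits, the log format and the log lines are all constructed for the example.

```python
"""Added example, not from the original post or from SearchBlox.

Shows the pattern behind a search-box XSS: a results page that reflects the
query into HTML unescaped, a hardened version with output encoding, and a
log check for queries that carry markup. All names and data are constructed.
"""
import html
import re
from urllib.parse import parse_qs, urlsplit

# Constructed index hits; one title carries an ampersand to show that indexed
# content, not only the query, needs encoding.
SAMPLE_HITS = ["Quarterly report 2014", "HR policy & benefits"]


def render_results_vulnerable(query, hits):
    """Interpolates the raw query into the page. A query such as
    <script>alert(1)</script> is sent back as live markup, so a link carrying
    it runs script in the browser of any user who opens it."""
    items = "".join(f"<li>{hit}</li>" for hit in hits)
    return f"<h1>Results for {query}</h1><ul>{items}</ul>"


def render_results_hardened(query, hits):
    """Same page with HTML output encoding applied to every untrusted value,
    including the indexed titles, which may themselves contain markup."""
    safe_query = html.escape(query, quote=True)
    items = "".join(f"<li>{html.escape(hit, quote=True)}</li>" for hit in hits)
    return f"<h1>Results for {safe_query}</h1><ul>{items}</ul>"


# Tag syntax, an inline event handler, or a javascript: URL inside a query.
MARKUP_RE = re.compile(r"<\s*/?\s*[a-z!]|\bon[a-z]+\s*=|javascript:", re.IGNORECASE)

# Constructed log format (hypothetical): '<user> "GET <path> HTTP/1.x" <status>'
LOG_RE = re.compile(r'(\S+) "GET (\S+) HTTP/1\.[01]" (\d{3})')


def suspicious_queries(log_lines, param="q"):
    """Return (user, decoded_query) for requests whose search parameter
    contains markup. Decoding the parameter before matching matters: the
    payload is URL-encoded on the wire and would not match the raw line."""
    found = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        user, path = m.group(1), m.group(2)
        for q in parse_qs(urlsplit(path).query).get(param, []):
            if MARKUP_RE.search(q):
                found.append((user, q))
    return found


SAMPLE_LOG = [  # constructed lines, not real SearchBlox logs
    'alice "GET /search?q=quarterly+report HTTP/1.1" 200',
    'bob "GET /search?q=%3Cscript%3Ealert%281%29%3C%2Fscript%3E HTTP/1.1" 200',
    'carol "GET /search?q=%3Cimg+src%3Dx+onerror%3Dalert%281%29%3E HTTP/1.1" 200',
]


if __name__ == "__main__":
    payload = "<script>alert(1)</script>"
    print(render_results_vulnerable(payload, SAMPLE_HITS))
    print(render_results_hardened(payload, SAMPLE_HITS))
    print(suspicious_queries(SAMPLE_LOG))
```

Output encoding at the point where the value is written into HTML is the fix; filtering the query on the way in is at best a detection signal, which is why the log check here reports rather than blocks. Note that a logged-in user’s session is what makes the reflected link useful to an attacker, which is the authenticated-user condition the quoted article mentions.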
Whitney Grace, April 23, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Gartner VP Claims Researching “Ethical Programming” Necessary for Future of Smart Machines
April 17, 2015
The article on TweakTown titled “Gartner: Smart Machines Must Include Ethical Programming Protocols” briefly delves into the supposed necessity of developing ethical programming in order to avoid some sort of Terminator or I, Robot scenario that culminates in the rise of the machines and the end of humanity. Gartner is one of the world’s leading technology research and advisory companies, but this hardly sounds like the company’s stance. The article quotes Frank Buytendijk, a Gartner research VP:
“Clearly, people must trust smart machines if they are to accept and use them…The ability to earn trust must be part of any plan to implement artificial intelligence (AI) or smart machines, and will be an important selling point when marketing this technology.”
If you’re thinking, sounds like another mid-tier consultant is divining the future, you aren’t wrong. Researching ethical programming for the hypothetical self-aware machines that haven’t been built yet might just be someone’s idea of a good time. The article concludes with the statement that “experts are split on the topic, arguing whether or not humans truly have something to worry about.” While the experts figure out how we humans will cause the end of the human reign over earth, some of us are just waiting for the end of another in a line of increasingly violent winters.
Chelsea Kerwin, April 17, 2015
Stephen E Arnold, Publisher of CyberOSINT at www.xenky.com
Cyber Wizards Speak Publishes Exclusive BrightPlanet Interview with William Bushee
April 7, 2015
Cyber OSINT continues to reshape information access. Traditional keyword search has been supplanted by higher value functions. One of the keystones for systems that push “beyond search” is technology patented and commercialized by BrightPlanet.
A search on Google often returns irrelevant or stale results. How can an organization obtain access to current, in-depth information from Web sites and services not comprehensively indexed by Bing, Google, ISeek, or Yandex?
The answer to the question is to turn to the leader in content harvesting, BrightPlanet. The company was one of the first, if not the first, to develop systems and methods for indexing information ignored by Web indexes which follow links. Founded in 2001, BrightPlanet has emerged as a content processing firm able to make accessible structured and unstructured data ignored, skipped, or not indexed by Bing, Google, and Yandex.
In the BrightPlanet seminar open to law enforcement, intelligence, and security professionals, BrightPlanet said the phrase “Deep Web” is catchy but it does not explain what type of information is available to a person with a Web browser. A familiar example is querying a dynamic database, such as an airline’s flight schedule. Other types of “Deep Web” content may require the user to register. Once logged into the system, users can query the content available to a registered user. A service like Bitpipe requires registration and a user name and password each time I want to pull a white paper from the Bitpipe system. BrightPlanet can handle both types of indexing tasks and many more. BrightPlanet’s technology is used by governmental agencies, businesses, and service firms to gather information pertinent to people, places, events, and other topics.
In an exclusive interview, William Bushee, the chief executive officer at BrightPlanet, reveals the origins of the BrightPlanet approach. He told Cyber Wizards Speak:
I developed our initial harvest engine. At the time, little work was being done around harvesting. We filed for a number of US Patents applications for our unique systems and methods. We were awarded eight, primarily around the ability to conduct Deep Web harvesting, a term BrightPlanet coined.
The BrightPlanet system is available as a cloud service. Bushee noted:
We have migrated from an on-site license model to a SaaS [software as a service] model. However, the biggest change came after realizing we could not put our customers in charge of conducting their own harvests. We thought we could build the tools and train the customers, but it just didn’t work well at all. We now harvest content on our customers’ behalf for virtually all projects and it has made a huge difference in data quality. And, as I mentioned, we provide supporting engineering and technical services to our clients as required. Underneath, however, we are the same sharply focused, customer centric, technology operation.
The company also offers data as a service. Bushee explained:
We’ve seen many of our customers use our Data-as-a-Service model to increase revenue and customer share by adding new datasets to their current products and service offerings. These additional datasets develop new revenue streams for our customers and allow them to stay competitive maintaining existing customers and gaining new ones altogether. Our Data-as-a-Service offering saves time and money because our customers no longer have to invest development hours into maintaining data harvesting and collection projects internally. Instead, they can access our harvesting technology completely as a service.
The company has accelerated its growth through a partnering program. Bushee stated:
We have partnered with K2 Intelligence to offer a full end-to-end service to financial institutions, combining our harvest and enrichment services with additional analytic engines and K2’s existing team of analysts. Our product offering will be a service monitoring various Deep Web and Dark Web content enriched with other internal data to provide a complete early warning system for institutions.
BrightPlanet has emerged as an excellent resource for specialized content services. In addition to providing a client-defined collection of information, the firm can provide custom-tailored solutions to special content needs involving the Deep Web and specialized content services. The company has an excellent reputation among law enforcement, intelligence, and security professionals. The BrightPlanet technologies can generate a stream of real-time content to individuals, work groups, or other automated systems.
BrightPlanet has offices in Washington, DC, and can be contacted via the BrightPlanet Web site at www.brightplanet.com.
The complete interview is available at the Cyber Wizards Speak web site at www.xenky.com/brightplanet.
Stephen E Arnold, April 7, 2015
Blog: www.arnoldit.com/wordpress Frozen site: www.arnoldit.com Current site: www.xenky.com
Tweets Reveal Patterns of Support or Opposition for ISIL
March 31, 2015
Once again, data analysis is being put to good use. MIT Technology Review describes how “Twitter Data Mining Reveals the Origins of Support for the Islamic State.” A research team led by Walid Magdy at the Qatar Computing Research Institute studied tweets regarding the “Islamic State” (also known as ISIS, ISIL, or just IS) to discern any patterns that tell us which people choose to support or join such an organization and why.
See the article for a detailed description of the researchers’ methodology. Interesting observations involve use of the group’s name and tweet timing. Supporters tended to use the whole, official name (the “Islamic State in Iraq and the Levant” is perhaps the most accurate translation), while most opposing tweets didn’t bother, using the abbreviation. They also found that tweets criticizing ISIS surge right after the group has done something terrible, while supporters tended to tweet after a propaganda video was released or the group achieved a major military victory. Other indicators of sentiment were identified, and an algorithm created. The article reveals:
“Magdy and co trained a machine learning algorithm to spot users of both types and said it was able to classify other users as likely to become pro- or anti-ISIS with high accuracy. ‘We train a classifier that can predict future support or opposition of ISIS with 87 percent accuracy,’ they say….
“That is interesting research that reveals the complexity of the forces at work in determining support or opposition to movements like ISIS—why people like [Egypt’s] Ahmed Al-Darawy end up dying on the battlefield. A better understanding of these forces is surely a step forward in finding solutions to the tangled web that exists in this part of the world.
“However, it is worth ending on a note of caution. The ability to classify people as potential supporters of ISIS raises the dangerous prospect of a kind of thought police, like that depicted in films like Minority Report. Clearly, much thought must be given to the way this kind of information should be used.”
Clearly. (Though the writer seems unaware that the term “thought police” originated with Orwell’s Nineteen Eighty-Four, the reference to Minority Report shows he or she understands the concept. But I digress.) Still, trying to understand why people turn to violence and helping to mitigate their circumstances before they get there seems worth a try. Better than bombs, in my humble opinion, and perhaps longer-lasting.
Cynthia Murrell, March 31, 2015
Stephen E Arnold, Publisher of CyberOSINT at www.xenky.com
Painting an IT Worker’s House Requires an NDA
March 27, 2015
You would not think that contractors, gardeners, painters, plumbers, and electricians would have to sign a non-disclosure agreement before working on someone’s home, but according to the New York Times it is happening all over Silicon Valley. “For Tech Titans, Sharing Has Its Limits” explains how home and garden maintenance workers now have to sign NDAs for big-name tech workers, just as they do for celebrities. Most of the time, workers do not even know whom they are working for or recognize the names. This has made it hard to gather information on how many people require NDAs, but a recent lawsuit involving Mark Zuckerberg sheds some light on why they are being used. He goes to great lengths to protect his privacy; ironically, the tech people who use NDAs are the ones who profit from disclosures of personal information.
“The lawsuit against Mr. Zuckerberg involves a different residence, 35 miles south in Palo Alto. In it, a part-time developer named Mircea Voskerician claims that he had a contract to buy a $4.8 million house adjoining Mr. Zuckerberg’s residence, and offered to sell a piece of the property to Mr. Zuckerberg. He says that in a meeting at Facebook headquarters in Menlo Park, he discussed a deal to sell his interest in the entire property to Mr. Zuckerberg. In exchange, he says, Mr. Zuckerberg would make introductions between him and powerful people in Silicon Valley, potential future business partners and clients. Mr. Voskerician passed up a better offer on the house, the suit contends, but Mr. Zuckerberg did not follow through on the pledge to make introductions.”
Voskerician says he signed the NDA only as a condition of the proposed agreement, but Zuckerberg’s legal representation says the NDA covers all information related to him. Relatedly, Facebook is adding privacy rules so that only certain people can see user information. That does not change the fact that big-name IT workers want their own information kept private. It seems sharing is good as long as it is done according to a powerful company’s definition of sharing.
Whitney Grace, March 27, 2015
Stephen E Arnold, Publisher of CyberOSINT at www.xenky.com
The Ins and Outs of the Black Market Economy
March 24, 2015
The article titled The Cybercrime Economy: Welcome To The Black Market of The Internet on ZeroFox discusses the current state of the black market and the consequences of its success. The author delves into the economy of the black market, suggesting that it, too, is at the mercy of supply and demand. Some of the players in the structure of the black market include malware brokers, botnet “herders,” and monetization specialists. The article says,
“So what’s the big deal — how does this underground economy influence the economy we see day to day? The financial markets themselves are highly sensitive to the impact of cyber crime… Additionally, fluctuating bitcoin markets (which affects forex trades) and verticals that can be affected through social engineering (the Fin4 example) are both targets for exploitation on a mass scale….There is a good reason cyber security spending surpassed 70 billion in 2014: breaches are costly. Very costly.”
As for how to upset the economy of the black market, the article posits that “cutting off the head” will not work. Supply and demand keep the black market running, not some figurehead. Instead, the article suggests that the real blame lies on the monopolies that drive up prices and force consumers to look for illegal options.
Chelsea Kerwin, March 24, 2015
Stephen E Arnold, Publisher of CyberOSINT at www.xenky.com
Modus Operandi Gets a Big Data Storage Contract
March 24, 2015
The US Missile Defense Agency awarded Modus Operandi a huge government contract to develop an advanced data storage and retrieval system for the Ballistic Missile Defense System. Modus Operandi specializes in big data analytic solutions for national security and commercial organizations. Modus Operandi posted a press release on their Web site to share the news, “Modus Operandi Awarded Contract To Develop Advanced Data Storage And Retrieval System For The US Missile Defense Agency.”
The contract is a Phase I Small Business Innovation Research (SBIR) award, under which Modus Operandi will work on the BMDS Analytic Semantic System (BASS). BASS will replace the old legacy system and bring it up to date with social media communities, the Internet, and intelligence sources.
“ ‘There has been a lot of work in the areas of big data and analytics across many domains, and we can now apply some of those newer technologies and techniques to traditional legacy systems such as what the MDA is using,’ said Dr. Eric Little, vice president and chief scientist, Modus Operandi. ‘This approach will provide an unprecedented set of capabilities for the MDA’s data analysts to explore enormous simulation datasets and gain a dramatically better understanding of what the data actually means.’ ”
It is worrisome that the missile defense system relies on an old legacy system, but at least it is being upgraded now. Modus Operandi also sells Cyber OSINT tools, and it is applying this technology for the government in an interesting way.
Whitney Grace, March 24, 2015
Stephen E Arnold, Publisher of CyberOSINT at www.xenky.com
Digital Shadows Searches the Shadow Internet
March 23, 2015
The deep Web is not hidden from Internet users, but regular search engines like Google and Bing do not index it in their results. Security Affairs reported on a new endeavor to search the deep Web in the article, “Digital Shadows Firm Develops A Search Engine For The Deep Web.” Memex and Flashpoint are two search engine projects that are already able to scan the deep Web. Digital Shadows, a British cyber security firm, is working on another search engine specially designed to search the Tor network.
Alistair Paterson, the CEO of Digital Shadows, describes the project as Google for Tor. According to the article:
“Digital Shadows developed the deep Web search engine to offer its services to private firms to help them identify cyber threats or any other illegal activity that could represent a threat.”
While private firms will need and want this software to detect illegal activities, law enforcement currently has a greater need for deep Web search tools than any other field. Officials use them to track fraud, drug and sex trafficking, robberies, and contraband. Digital Shadows is creating a product in a growing industry. The company will not only make a profit, but also help people at the same time.
Whitney Grace, March 23, 2015
Stephen E Arnold, Publisher of CyberOSINT at www.xenky.com
Accenture Makes a Big Purchase to Chase Government Clients
March 20, 2015
Accenture Federal Services (AFS) is one of the leading companies providing technology and digital solutions for the US federal government. The parent company, Accenture LLP, has sought to increase its share of federal contracts as well as its products and services, so it decided to purchase Agilex Technologies, Inc., says Big News Network in “Accenture Unit To Agilex Technologies.”
” ‘Acquiring Agilex will help AFS further solidify our position as an innovative leader in the federal market. Combining our digital capabilities and agile methods will accelerate our ability to help clients harness the power of emerging digital technologies and rapid, predictable systems deployment for the federal government’s most complex challenges,’ said David Moskovitz, Accenture Federal Services chief executive.”
AFS plans to use Agilex’s technology to improve its own analytics, cloud, and mobile technology for federal organizations. Agilex, like its new owner, has worked with every cabinet-level department and federal agencies in defense, intelligence, public safety, civilian and military health organizations.
AFS will have more to offer its federal clients, but the purchase raises the question of whether it will lead to a monopoly on government contracts or increase competition.
Whitney Grace, March 20, 2015
Stephen E Arnold, Publisher of CyberOSINT at www.xenky.com